As you may know, Exchange Online is already protected with Exchange Online Protection (protection you can improve with the E5 license and Advanced Threats Management).

That said, the EOP security is already quite good and performing well, but even with this, sometime when a message is being put into the Junk Email folder, the end-user may be lost with what to do? is it really a junk or a false positive?

New safety tips are being displayed in both Outlook client and Outlook on the Web (formerly Outlook Web Access) to help the end-user to better understand:

  • Messages marked Suspicious have a red safety tip and are either a known phishing message, have failed sender authentication, are a suspected spoofing message or have met some other criteria that Exchange Online Protection has used to determine the message is fraudulent. You should not interact with suspicious messages and instead should delete them

image

  • A yellow bar at the top of the message indicates an Unknown safety level. Being marked as Unknown indicates that Exchange Online Protection has marked the message as spam. You can click the It’s not spam link in the yellow bar of a junk mail item to move the message to your inbox

image

  • Messages from a Trusted sender display a green bar at the top of the message. These are from domains identified by Microsoft as being safe

image

  • Messages marked with a gray safety tip indicates that the email was not filtered for spam because it is either considered Safe by the user’s organization, is on the user’s safe senders list or Exchange Online Protection marked the message as junk but the user moved it out of the junk folder to the inbox. The gray safety bar also appears when images within the message have been disabled

image